OWASP Kitchener/Waterloo

funds to OWASP earmarked for Kitchener/Waterloo. Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Presentation Brief:
China: All up in your business - Annoying Persistent Threat edition

For the past few years, I've been involved in examining intrusions by a group informally known as Comment Crew -- which are now better known as 'APT1' following the recent release of the report from Mandiant. This group falls into the class of the 'Advanced Persistent Threat' and are known to use compromised web sites to supply command/control to compromised systems. I have a live demo of an annotated attack against a fictitious company, using custom malware and Metasploit. It shows how attackers initially compromise a system, supply commands, install additional malware, gain privileges in post-exploit and loot the network for fun and profit! All-in-all it takes about an hour including questions as we go. It's targeted toward beginner/intermediate and we can focus on the demo-malware code itself if we have lots of devs - advanced pentesters will find it pretty typical.

Dave's Bio:

Dave Ockwell-Jenner has an extensive background in technology: from building one of the Internet’s earliest major web sites, to helping secure some of the world’s most critical systems. He has led the development of solutions for some of Canada’s most prominent technology companies, including Research In Motion and Nortel.

He currently works for a Swiss-based company that specializes in IT and communications for the Air Transport Industry. In this role he has focused on designing and delivering the company's secure software development lifecycle. Through this, Dave regularly trains developers in secure software techniques, and has co-authored the SANS course on Developing Defensible Java EE Solutions.

Dave also runs a boutique security consultancy called Prime Information Security, concentrating on information security within Small-to-Medium Businesses. He is a security blogger for TELUS and also co-founded a business networking organization called the Small Business Community Network (SBCN).

We would like to provide some food & beverages, so if you're planning on attending please RSVP so we can plan accordingly.

Speakers

We are always looking for security-minded speakers to present on a topic of your choice. Developers, Quality Assurance, Project Managers and Managers are all welcome; if you're interested, please contact one of the chapter leaders.

Meetings

Meetings are open, free and welcoming for all to attend. Some beverages & food will be provided.

Description: For this informal meeting, we will have brief introductions, complete some general housekeeping, and discuss what we would like to get out of our local chapter. For the second half, our guest speaker will present an introduction to web services security testing.

Speaker Bio: Steve Hendrikse is a Technical Security Analyst with Research In Motion. He specializes in web application security assessment and testing. Steve also has a leading role within the Corporate Security Department in developing and extending the Secure Development Lifecycle at RIM. Steve studied Computer Science at the University of Western Ontario and attained an MSc. in Information Security from the Royal Holloway. His interests include application/system usability and accessibility, reverse engineering, and design for security.

Outcome / Update: Our first meeting was a great success. We had 9 people attend, including our speaker. We had some technical difficulties with our projector setup, but were able to overcome them due to the small crowd. The presentation was very interesting and the speaker was Class One. Thanks Steve for a great / informative presentation. Below is a link to the slideshow portion of the presentation for anyone interested in the topic to view. We are looking forward to our next meeting, hoping some time in May / June. Stay tuned.

Donations

OWASP is a non-profit, vendor-neutral organization. We are committed to raising the collective security awareness and knowledge in the Kitchener-Waterloo IT community, working globally with our OWASP parent organization to provide the IT community with tools & resources that make IT professionals more aware of security vulnerabilities. If you're a security-dedicated individual and you would like to help the Kitchener-Waterloo chapter put on events and educate IT professionals and the public, please consider making a donation through the donate button on this page.

Social Media

You can follow us on Twitter @OWASP_KW

Other Chapter Events

We partner with other chapters and display their upcoming events in this section. If you are visiting our chapter from somewhere else, or you will be in their area, feel free to stop by their events and see what is new and happening at their meetings.